• Skip to Content

Known Vulnerabilities

This website uses cookies to ensure you get the best experience. Learn More.

Accept
  • Ask
  • Blogs
  • Chat
  • Download
  • Feedback
  • Help
  • Learn
  • Projects
  • /dev/24
  • Log In

Known Vulnerabilities

  • Overview
  • Reporting Security Issues
  • Known Vulnerabilities
  • Hall of Fame

Releases

  • Liferay Portal 7.4
  • Liferay Portal 7.3
  • Liferay Portal 7.2
  • Liferay Portal 7.1
  • Liferay Portal 7.0
  • Liferay Portal 6.2 CE
  • Liferay Faces
  • Liferay DXP 7.4
  • Liferay DXP 7.3
  • Liferay DXP 7.2
  • LIferay DXP 7.1
  • LIferay DXP 7.0
  • CVE-2023-33938 Stored XSS with object name in App Builder

  • CVE-2023-33939 Stored XSS in Modified Facet

  • CVE-2023-33944 XSS with container layout fragment URL

  • CVE-2023-33945 SQL injection in SQL Server upgrades

Security advisories for Liferay's enterprise offerings (e.g., Liferay DXP) are only listed here since 2023. Historial advisories are availabe in the Help Center.

  • Community
  • Ask
  • Events
  • Learn
  • Meet
  • Company
  • Blogs
  • Careers
  • Download
  • Open Source
  • Feedback
  • Contact Us

Copyright © 2023 Liferay, Inc

Powered by Liferay Portal CE™